Skip to content

test: push crypto + fsutil coverage to portable ceiling#1

Merged
TeoSlayer merged 1 commit into
mainfrom
add-test-coverage
May 28, 2026
Merged

test: push crypto + fsutil coverage to portable ceiling#1
TeoSlayer merged 1 commit into
mainfrom
add-test-coverage

Conversation

@TeoSlayer
Copy link
Copy Markdown
Contributor

@TeoSlayer TeoSlayer commented May 28, 2026

Summary

  • crypto coverage 92.0% -> 96.0%
  • fsutil coverage 58.1% -> 61.3%
  • total coverage 79.0% -> 82.7%

Only new *_test.go files; no production code touched. go test -race -count=1 -timeout 180s ./... passes.

What's new

  • crypto/zz_coverage_test.go
    • LoadIdentity loose-permissions warn branch (chmod 0644, capture default slog handler output)
    • LoadIdentity os.ReadFile non-NotExist error path (path = directory; EISDIR is not IsNotExist)
    • LoadIdentity 0o600 negative case (no warning)
    • Sign/Verify empty + 1MiB messages
    • Decode{Public,Private}Key on empty string
    • Concurrent LoadIdentity readers + SaveIdentity overwrite
  • fsutil/zz_coverage_test.go
    • AppendSync empty/nil/large payload, error-wrap message, 100-append ordering, open-against-directory
    • AtomicWrite rename-onto-non-empty-dir (open/write/sync/close succeed, rename fails)
    • AtomicWrite empty/nil/large payload, mode 0600 preservation when overwriting 0o644, concurrent writers
  • Includes zz_save_test.go + zz_fsutil_test.go that were sitting untracked in the worktree (already counted in the prior baseline; tracking them prevents regression)

Honest ceiling

The remaining ~17% of fsutil and ~4% of crypto are defensive error-handling branches with no portable trigger:

File Lines Why unreachable
crypto/identity.go L25-27 ed25519.GenerateKey(rand.Reader)crypto/rand does not fail on a sane system
crypto/identity.go L94-96 json.MarshalIndent of {string, string} cannot fail
fsutil/fsutil.go AppendSync write/sync errors Open succeeds + write fails requires /dev/full (Linux-only) or a full filesystem; not portable
fsutil/fsutil.go AtomicWrite write/sync/close errors Same: post-open write/sync errors lack a portable trigger

Reaching 100% would need either a source-level injection seam (out of scope: rules forbid editing non-test files) or a ramdisk fixture.

Test plan

  • go test -race -count=1 -timeout 180s ./... passes (1.2s crypto, 1.8s fsutil)
  • go tool cover -func confirms LoadIdentity 90.5% -> 100.0%, total 79.0% -> 82.7%
  • No production source files modified

@teovl
test: push crypto + fsutil coverage to portable ceiling
faa5884 
crypto: 92.0% -> 96.0%
fsutil: 58.1% -> 61.3%
total : 79.0% -> 82.7%

New test files (zz_coverage_test.go in each package) cover:
- LoadIdentity loose-permissions warn branch (chmod 0644 + capture
  slog default handler output)
- LoadIdentity os.ReadFile non-NotExist error path (point at a
  directory; EISDIR is not IsNotExist)
- LoadIdentity 0o600 negative case (no warning emitted)
- Sign/Verify empty + 1MiB messages
- Decode{Public,Private}Key on empty string (size check)
- Concurrent LoadIdentity readers and SaveIdentity overwrite
- AppendSync empty/nil/large payload, error-wrap message,
  100-append ordering, open-against-directory
- AtomicWrite rename-onto-non-empty-dir (open+write+sync+close
  all succeed, rename fails), empty/nil/large payload, mode 0600
  preservation when overwriting 0o644, concurrent writers to
  distinct paths

Also includes zz_save_test.go and zz_fsutil_test.go that were
sitting untracked in the worktree -- they were already counted in
the prior baseline and removing them would have regressed it.

Unreachable in portable tests (~17% of fsutil, ~4% of crypto):
- ed25519.GenerateKey error path: crypto/rand.Reader cannot fail
- json.MarshalIndent of {string, string} struct: cannot fail
- AppendSync / AtomicWrite f.Write / f.Sync / f.Close error
  branches after a successful open: no portable trigger on a
  healthy filesystem. macOS lacks /dev/full, opening a directory
  or socket fails at the open call (not at write), FIFO O_NONBLOCK
  isn't portable in Go's os package. Would require either a
  package-level injection point (out of scope: no source edits) or
  a synthetic ramdisk (overkill for a unit test).
@codecov
Copy link
Copy Markdown

codecov Bot commented May 28, 2026

Welcome to Codecov 🎉

Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests.

ℹ️ You can also turn on project coverage checks and project coverage reporting on Pull Request comment

Thanks for integrating Codecov - We've got you covered ☂️

@TeoSlayer TeoSlayer merged commit e829cd0 into main May 28, 2026
2 checks passed
@TeoSlayer TeoSlayer deleted the add-test-coverage branch May 28, 2026 00:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@TeoSlayer @teovl